summaryrefslogtreecommitdiff
path: root/website-run-through
diff options
context:
space:
mode:
authorErich Eckner <git@eckner.net>2019-09-02 10:31:30 +0200
committerErich Eckner <git@eckner.net>2019-09-02 12:03:10 +0200
commit4cb7f201a74ebd1709f544f79cdff6855f853e0d (patch)
tree62277205ef753c6894887f8fb4d5535afd9fb824 /website-run-through
parentae6cc296f850009ee4a088cf65ee971d6a501e55 (diff)
downloadsimple-pki-4cb7f201a74ebd1709f544f79cdff6855f853e0d.tar.xz
useful defaults, no password on CAs
Diffstat (limited to 'website-run-through')
-rwxr-xr-x[-rw-r--r--]website-run-through27
1 files changed, 19 insertions, 8 deletions
diff --git a/website-run-through b/website-run-through
index b4d2f42..0432ba1 100644..100755
--- a/website-run-through
+++ b/website-run-through
@@ -1,5 +1,7 @@
#!/bin/bash
+rm -rf --one-file-system ca certs
+
mkdir -p ca/root-ca/private ca/root-ca/db crl certs
chmod 700 ca/root-ca/private
@@ -13,7 +15,7 @@ openssl req -new \
-out ca/root-ca.csr \
-keyout ca/root-ca/private/root-ca.key
-openssl ca -selfsign \
+openssl ca -batch -selfsign \
-config etc/root-ca.conf \
-in ca/root-ca.csr \
-out ca/root-ca.crt \
@@ -32,24 +34,33 @@ openssl req -new \
-out ca/signing-ca.csr \
-keyout ca/signing-ca/private/signing-ca.key
-openssl ca \
+openssl ca -batch \
-config etc/root-ca.conf \
-in ca/signing-ca.csr \
-out ca/signing-ca.crt \
-extensions signing_ca_ext
-SAN=DNS:www.simple.org \
+SAN=DNS:test.local \
+CN=test.local \
openssl req -new \
-config etc/server.conf \
- -out certs/simple.org.csr \
- -keyout certs/simple.org.key
+ -out /tmp/nginx.csr \
+ -keyout /tmp/nginx.key
-openssl ca \
+openssl ca -batch \
-config etc/signing-ca.conf \
- -in certs/simple.org.csr \
- -out certs/simple.org.crt \
+ -in /tmp/nginx.csr \
+ -out /tmp/nginx.crt \
-extensions server_ext
+cat /tmp/nginx.crt ca/signing-ca.crt ca/root-ca.crt > /tmp/nginx.chain
+
+sudo systemctl restart nginx
+
+curl -Ss https://test.local --cacert ca/root-ca.crt
+
+exit 0
+
openssl ca \
-config etc/signing-ca.conf \
-revoke ca/signing-ca/01.pem \